From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by master.gitmailbox.com (Postfix) with ESMTP id 447CA407D3 for ; Thu, 23 Dec 2021 07:25:22 +0000 (UTC) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 4B6AE68B11A; Thu, 23 Dec 2021 09:25:20 +0200 (EET) Received: from mout-p-202.mailbox.org (mout-p-202.mailbox.org [80.241.56.172]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id F3F7568AF5D for ; Thu, 23 Dec 2021 09:25:13 +0200 (EET) Received: from smtp1.mailbox.org (smtp1.mailbox.org [80.241.60.240]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mout-p-202.mailbox.org (Postfix) with ESMTPS id 4JKMCs1r3yzQkmM for ; Thu, 23 Dec 2021 08:25:13 +0100 (CET) X-Virus-Scanned: amavisd-new at heinlein-support.de Message-ID: <8698638f-6bb2-490a-4984-2ac0b5d66364@gyani.pro> Date: Thu, 23 Dec 2021 12:54:58 +0530 MIME-Version: 1.0 Content-Language: en-US To: ffmpeg-devel@ffmpeg.org References: <20211222124728.7300-1-ffmpeg@gyani.pro> <20211222124728.7300-2-ffmpeg@gyani.pro> <20211222213417.GE2829255@pb2> From: Gyan Doshi In-Reply-To: <20211222213417.GE2829255@pb2> Subject: Re: [FFmpeg-devel] [PATCH v2 2/2] avformat/mov: validate box size for stts X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="us-ascii"; Format="flowed" Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Archived-At: List-Archive: List-Post: On 2021-12-23 03:04 am, Michael Niedermayer wrote: > On Wed, Dec 22, 2021 at 06:17:28PM +0530, Gyan Doshi wrote: >> --- >> libavformat/mov.c | 6 ++++++ >> 1 file changed, 6 insertions(+) >> >> diff --git a/libavformat/mov.c b/libavformat/mov.c >> index 7de95b7ab0..1e44c74944 100644 >> --- a/libavformat/mov.c >> +++ b/libavformat/mov.c >> @@ -2969,6 +2969,12 @@ static int mov_read_stts(MOVContext *c, AVIOContext *pb, MOVAtom atom) >> avio_rb24(pb); /* flags */ >> entries = avio_rb32(pb); >> >> + if (validate_box_size(c, atom, pb, avio_tell(pb)-8, 8+(int64_t)entries*8, 0)) { >> + av_log(c->fc, AV_LOG_ERROR, "Invalid or incomplete %s box in stream %d\n", >> + av_fourcc2str(atom.type), c->fc->nb_streams-1); >> + return AVERROR_INVALIDDATA; >> + } >> + >> av_log(c->fc, AV_LOG_TRACE, "track[%u].stts.entries = %u\n", >> c->fc->nb_streams-1, entries); >> > this breaks playback of > > ./ffplay H263_NM_f.mp4 Sent revised set. However, do we need to allow this? The file has multiple invalid boxes. gpac refuses to import it. vlc using its default mp4 demuxer does not open it, neither does wmp or firefox. Seems only avformat users can open the file. Regards, Gyan _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".